Today Gartner released its 2019 Emerging Security and Risk Management Trends report which said that today’s modern SOCs are shifting investment, resources, and time from threat prevention to threat detection and proactive response.
Following the release of this report, Matt Walmsley, EMEA Director at Vectra, has provided his thoughts on why moving towards detection and response is vital for organisations.
Matt Walmsley, EMEA Director at Vectra:
“Detection and response capabilities are a major security gap that’s important and urgent for many organisations to still address as the ability to know if one is compromised is fundamental to effective risk management. Prevention will fail, and attackers will get inside, as the headlines shouting about the latest successful cyber breach remind us with predictable regularity. It takes a median of 177 days* in Europe before an active attacker is discovered inside an organisation, and whilst the latest reports show that attacker dwell times are slowly trending down, that doesn’t tell the whole story, nor should we be complacent.
Cybersecurity is an ongoing exercise in operational efficiency. Organisations have limited resources to address unlimited risks, threats and attackers. Time is the most important factor in detecting breaches. To mitigate damage, attacks must be detected in real time before key assets are stolen or damaged. Traditionally, detecting and responding to targeted attacks is a very time-consuming process and requires security teams to manually sort through mountains of alerts. It’s here that AI is increasingly powering automated capabilities to detect and prioritise threats at speed and scale that humans alone simply cannot achieve. In this way, man and machine work together to get ahead of attackers, and ultimately reduce their organisation’s risk.”